Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,160 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

9160 Commits

Author SHA1 Message Date
Phillip Webb 71bc145ae4 Remove superfluous comments 
Use '^\s+//\ \~\ .*$' and '^\s+//\ ============+$' regular expression
searches to remove superfluous comments.

Prior to this commit, many classes would have comments to indicate
blocks of code (such as constructors/methods/instance fields). These
added a lot of noise and weren't all that helpful, especially given
the outline views available in most modern IDEs.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb b7fc18262d Reformat code using spring-javaformat 
Run `./gradlew format` to reformat all java files.

Issue gh-8945
 2020-08-24 17:32:56 -05:00
Eleftheria Stein cf48f986f6 Fix typo in resource server documentation 2020-08-24 09:10:33 +02:00
Rob Winch 046cdd7f07 Update Snapshot Build to Kotlin 1.4.0 2020-08-20 10:45:53 -05:00
Martin Vietz 0486d5add9 scopes_supported metadata not used as default in ClientRegistrations 
Closes gh-8514
 2020-08-20 08:09:54 -04:00
Josh Cummings 21e9a410ee
Remove Package Tangle 
Issue gh-8876
 2020-08-19 15:52:20 -06:00
Josh Cummings e6d1e2cf81
Restructure SAML 2.0 Documentation 
Issue gh-8763
 2020-08-19 14:59:26 -06:00
Josh Cummings af5c55c380
Polish AuthnRequest Customization Support 
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.

Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.

Issue gh-8776
 2020-08-19 14:27:31 -06:00
Josh Cummings 3694485056
Polish SAML 2.0 Default Assertion Validator 
In several cases, taking a pre-set ValidationContext is not sufficient.
For example, the recipient is calculated via the
RelyingPartyRegistration that's currently in the context of the
request.

Instead, then, createDefaultAssertionValidator was broken up into two
different methods: One that takes no parameters and assumes the class's
default ValidationContext, and another that takes a converter to derive
the ValidationContext from the incoming authentication token.

Issue gh-8970
 2020-08-19 13:58:42 -06:00
Josh Cummings da7477cd41
Add Response to Authentication Conversion Support 
Closes gh-8010
 2020-08-18 17:49:34 -06:00
Josh Cummings 0c696dd58b
Remove XSAnyMarshaller AttributeValue Support 
In favor of customizing the authentication converter

Closes gh-8864
 2020-08-18 17:42:04 -06:00
Josh Cummings 7b3dda161b
Generalize SAML 2.0 Assertion Validation Support 
Closes gh-8970
 2020-08-18 12:23:42 -06:00
Josh Cummings 1069e91645
RSocket Deprecations 
Stop using deprecated RSocket APIs in integration tests

Issue gh-8948
 2020-08-13 17:51:59 -06:00
Rob Winch a4756cf62c --refresh-dependencies for snapshots 2020-08-11 09:53:18 -05:00
Eleftheria Stein 69e0552c30 Add servlet OAuth2 client Kotlin samples 
Issue gh-8172
 2020-08-11 14:25:27 +02:00
koishikawa11 be6d2f117e
Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL 
Closes gh-8892
 2020-08-11 07:59:22 -04:00
Eleftheria Stein 5142d39079 Restrict Spring Framework version to 5.2.x 2020-08-11 13:25:30 +02:00
Eleftheria Stein 380a11566e Add registered OAuth2 authorized client Kotlin samples 
Issue gh-8172
 2020-08-11 10:24:21 +02:00
Eleftheria Stein 324d6795c9 Add WebClient samples to docs 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein 496fcbb102 Add OAuth2 resource server WebFlux samples 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein d839e4dd71 Fix typos in resource server docs 
- Use withJwkSetUri instead of fromJwkSetUri
- Use ES512 instead of EC512
- Use NimbusReactiveOpaqueTokenIntrospector instead of NimbusOpaqueTokenIntrospector in reactive
- User authorizeExchange instead of authorizeRequests
 2020-08-11 08:33:46 +02:00
Phillip Webb 81d9c6cac5 Add spring-javaformat plugin 
Add spring-javaformat plugin but disable it for all sample projects.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 9caa39e370 Fix malformed formatter-on/off javadoc 
Remove the formatter-on/formatter-off comments from Javadoc examples
so that they don't confuse checkstyle. The comments are not necessary
in the Javadoc since `pre` blocks are not formatted in the same
way as code.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 8e092f8d2c Add noformat blocks around withDefaultPasswordEncoder 
Find `withDefaultPasswordEncoder` calls and protect them against
formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 6979125ccf Add noformat blocks around User.withUsername 
Find `User.withUsername` calls and protect them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 63b5998fad Add noformat blocks around auth config 
Find `auth` config using a regex search of `^\s*auths*$` and protect
them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 103d822e46 Add noformat blocks around http config 
Find `http` config using a regex search of `^\s*https*$` and protect
them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 27ac046d8a Rename *Test.java -> *Tests.java 
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Rob Winch 94cf4d1de7 Fix SNAPSHOT builds 
- Stop using deprecated RSocket APIs
- Update SNAPSHOT build to use Boot SNAPSHOT
 2020-08-10 11:35:15 -05:00
Eleftheria Stein 12a8795c3d Fix typo in resource server docs 2020-08-06 14:11:13 +02:00
Rob Winch 7cc10ed277 Fix Email notifications 2020-08-05 14:11:57 -05:00
Joe Grandja a30541fcd9 Next Development Version 
NOTE:
The 5.4.0-RC1 release has been tagged at 74b42ba956
as it includes a fix related to RSocket integration tests.
 2020-08-05 15:03:27 -04:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1" 
This reverts commit f3a1e5d40c.
 2020-08-05 14:59:11 -04:00
Rob Winch 74b42ba956 Move RSocket integration tests to integration tests 
Closes gh-8944
 2020-08-05 13:23:20 -05:00
Joe Grandja 10dbe140c9 Release 5.4.0-RC1 2020-08-05 13:46:57 -04:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Josh Cummings a701555318
Polish Saml2AuthenticationTokenConverter 
Issue gh-8768
 2020-08-05 10:08:47 -06:00
Josh Cummings f82190b414
Add RelyingPartyRegistrations 
Closes gh-8484
 2020-08-05 10:08:47 -06:00
Josh Cummings 506786f46e
Replaced Spaces with Tabs 
Updated the .gradle file for SAML 2.0 Service Provider to use tabs
 2020-08-05 10:08:47 -06:00
Josh Cummings b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint 
Closes gh-8693
 2020-08-05 10:08:47 -06:00
Jakub Kubrynski 8a355240bc
SAML 2.0 SP Metadata Endpoint Support 
Issue gh-8693
 2020-08-05 10:08:47 -06:00
Josh Cummings 31bae546e2
Removed Unused Files 
Saml2Utils and Saml2ServletUtils are no longer used

Issue gh-8768
 2020-08-05 10:08:46 -06:00
Joe Grandja 1361cb8790 Use reactor-netty-http for snapshot build 
Closes gh-8909
 2020-08-05 11:50:50 -04:00
Eleftheria Stein aeafe04260 Remove need for WebSecurityConfigurerAdapter 
Closes gh-8804
 2020-08-05 10:10:12 -04:00
Josh Cummings 5061ae9e79
Add Saml2AuthenticationTokenConverter 
Closes gh-8768
 2020-08-04 18:41:43 -06:00
Josh Cummings a10c2c6cf8
Polish DefaultSaml2AuthenticationRequestContextResolver 
Issue gh-8360
Issue gh-8887
 2020-08-04 17:29:13 -06:00
Josh Cummings 015281ff53
Add DefaultRelyingPartyRegistrationResolver 
Closes gh-8887
 2020-08-04 17:29:10 -06:00
Josh Cummings a402c3884a
Add ConditionValidator Support 
Closes gh-8769
 2020-08-04 13:05:23 -06:00
Josh Cummings d9d8253603
Polish OpenSamlAuthenticationProvider 
Issue gh-8769
 2020-08-04 13:05:23 -06:00
Joe Grandja 3bc0b8c144 Revert "Fix snapshot build failure related to reactor-netty" 
This reverts commit f37714a26f.
 2020-08-04 14:24:32 -04:00